Kernel+Tests: Allow deleting someone else's file in my sticky directory

This should be allowed according to Dr. POSIX. :^)
Author: https://github.com/awesomekling Commit: https://github.com/SerenityOS/serenity/commit/16f934474f Pull-request: https://github.com/SerenityOS/serenity/pull/16594 Reviewed-by: https://github.com/FalseHonesty Reviewed-by: https://github.com/krkk Reviewed-by: https://github.com/supercomputer7 ✅ Reviewed-by: https://github.com/xZise
2026-05-10 17:12:41 +02:00 · 2022-12-19 19:32:31 +01:00 · 2024-07-17 03:16:02 +09:00
parent 47b9e8e651
commit 16f934474f
2 changed files with 50 additions and 1 deletions
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@@ -868,8 +868,13 @@ ErrorOr<void> VirtualFileSystem::rmdir(Credentials const& credentials, StringVie
        return EACCES;

    if (parent_metadata.is_sticky()) {
-        if (!credentials.is_superuser() && inode.metadata().uid != credentials.euid())
+        // [EACCES] The S_ISVTX flag is set on the directory containing the file referred to by the path argument
+        //          and the process does not satisfy the criteria specified in XBD Directory Protection.
+        if (!credentials.is_superuser()
+            && inode.metadata().uid != credentials.euid()
+            && parent_metadata.uid != credentials.euid()) {
            return EACCES;
+        }
    }

    size_t child_count = 0;